Configuring Rip; Information About Rip; Rip Overview; Ripv2 Authentication - Cisco Nexus 3000 Series Configuration Manual

Information About RIP

S e n d d o c u m e n t c o m m e n t s t o n e x u s 3 k - d o c f e e d b a c k @ c i s c o . c o m

RIP Overview

RIP uses User Datagram Protocol (UDP) data packets to exchange routing information in small
internetworks. RIPv2 supports IPv4. RIPv2 uses an optional authentication feature supported by the
RIPv2 protocol (see the
RIP uses the following two message types:
•
•
RIP uses a
traverse before reaching its destination. A directly connected network has a metric of 1; an unreachable
network has a metric of 16. This small range of metrics makes RIP an unsuitable routing protocol for
large networks.

RIPv2 Authentication

You can configure authentication on RIP messages to prevent unauthorized or invalid routing updates in
your network. Cisco NX-OS supports a simple password or an MD5 authentication digest.
You can configure the RIP authentication per interface by using key-chain management for the
authentication keys. Key-chain management allows you to control changes to the authentication keys
used by an MD5 authentication digest or simple text password authentication. See the Cisco Nexus 3000
Series NX-OS Security Configuration Guide for more details about creating key-chains.
To use an MD5 authentication digest, you configure a password that is shared at the local router and all
remote RIP neighbors. Cisco NX-OS creates an MD5 one-way message digest based on the message
itself and the encrypted password and sends this digest with the RIP message (Request or Response).
The receiving RIP neighbor validates the digest by using the same encrypted password. If the message
has not changed, the calculation is identical and the RIP message is considered valid.
An MD5 authentication digest also includes a sequence number with each RIP message to ensure that
no message is replayed in the network.

Split Horizon

You can use split horizon to ensure that RIP never advertises a route out of the interface where it was
learned.
Split horizon is a method that controls the sending of RIP update and query packets. When you enable
split horizon on an interface, Cisco NX-OS does not send update packets for destinations that were
learned from this interface. Controlling update packets in this manner reduces the possibility of routing
loops.
You can use split horizon with poison revers to configure an interface to advertise routes learned by RIP
as unreachable over the interface that learned the routes.
split horizon with poison reverse enabled.
Cisco Nexus 3000 Series NX-OS Unicast Routing Configuration Guide, NX-OS Release 5.0(3)U1(1)
7-2
"RIPv2 Authentication" section on page
Request—Sent to the multicast address 224.0.0.9 to request route updates from other RIP-enabled
routers.
Response—Sent every 30 seconds by default (see the
page 7-17). The router also sends response messages after it receives a Request message. The
response message contains the entire RIP route table. RIP sends multiple response packets for a
request if the RIP routing table cannot fit in one response packet.
for the routing metric. The hop count is the number of routers that a packet can
hop count
Chapter 7
7-2).
"Verifying the RIP Configuration" section on
Figure 7-1 shows a sample RIP network with

Configuring RIP